CN110851857B - Method and device for realizing identity endorsement on block chain - Google Patents
Method and device for realizing identity endorsement on block chain Download PDFInfo
- Publication number
- CN110851857B CN110851857B CN201910973623.XA CN201910973623A CN110851857B CN 110851857 B CN110851857 B CN 110851857B CN 201910973623 A CN201910973623 A CN 201910973623A CN 110851857 B CN110851857 B CN 110851857B
- Authority
- CN
- China
- Prior art keywords
- authentication
- information
- user
- statement
- account
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 35
- 230000007246 mechanism Effects 0.000 claims abstract description 53
- 238000012795 verification Methods 0.000 claims abstract description 18
- 238000012797 qualification Methods 0.000 claims abstract description 10
- 238000012790 confirmation Methods 0.000 claims abstract description 4
- 230000000153 supplemental effect Effects 0.000 claims description 4
- 238000012550 audit Methods 0.000 claims description 3
- 230000010365 information processing Effects 0.000 claims description 3
- 230000008569 process Effects 0.000 claims description 3
- 238000005516 engineering process Methods 0.000 description 5
- 238000004891 communication Methods 0.000 description 4
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 230000036541 health Effects 0.000 description 2
- 238000007726 management method Methods 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6272—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database by registering files or documents with a third party
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/33—User authentication using certificates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
- G06F21/645—Protecting data integrity, e.g. using checksums, certificates or signatures using a third party
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3239—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
- H04L9/3268—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/50—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Bioethics (AREA)
- Computer Hardware Design (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Databases & Information Systems (AREA)
- Medical Informatics (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention provides a method and a device for realizing identity endorsement on a block chain, wherein the method comprises the following steps: the user is used as an applicant to submit authentication information to a third-party authentication mechanism, the third-party authentication mechanism verifies and generates an authentication statement, the third-party authentication mechanism stores the authentication statement and evidence storing information into the block chain, and the authentication statement comprising the evidence storing information is returned to the user; the information requestor requests the authentication statement from a user, and the user decrypts the authentication statement and sends the decrypted authentication statement to the information requestor; and the information requestor queries in a block chain, verifies the validity of the authentication statement and the qualification of the third-party authentication mechanism, and completes the user identity authentication without error after confirmation. According to the scheme of the invention, only the authentication statement and the evidence storage information are stored in the block chain, so that the real identity information of the user is confirmed, and the information is not leaked. And under the condition of not changing the existing account system, identity information is added to the account, and verification can be carried out in the block chain.
Description
Technical Field
The invention relates to the field of data information processing, in particular to a method and a device for realizing identity endorsement on a block chain.
Background
The blockchain is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, a consensus mechanism and an encryption algorithm. The block chain technology is widely applied to the technical fields of finance, medical health, copyright, communication, internet of things, file management and the like. The block chain technology can ensure the integrity, the permanence and the irreparable modification of all data, and can solve the technical problems of evidence storage, tracking, backtracking and the like in the technical field.
In the existing block chain technology, an address or an account on a block chain cannot be contacted with a user entity having the address or the account in reality, and certain anonymity exists. When the blockchain technology can be applied to the technical fields of finance, medical health, copyright, communication, internet of things, file management and the like, in the existing blockchain account system, the account and people or entities in the real environment cannot generate actual contact on the blockchain, so that the identity of a user cannot be confirmed. Because the accounts of the users on the blockchain are mutually independent, when one user in a real environment holds a plurality of private keys, a third party providing services cannot provide perfect services for the user based on the identity of the user; or when the information is inquired, the inquired information is incomplete.
Disclosure of Invention
In order to solve the technical problems, the invention provides a method and a device for realizing identity endorsement on a blockchain, which are used for solving the technical problems that a third party providing service cannot provide perfect service for a user or inquire information based on the identity of the user, the inquired information is incomplete and the like because the identity of the user on the blockchain is not confirmed in the prior art.
According to a first aspect of the present invention, there is provided a method for implementing an identity endorsement on a blockchain, comprising:
step S101: a user is used as an applicant to submit authentication information to a third-party authentication mechanism, the third-party authentication mechanism carries out auditing and generates an authentication statement according to the authentication information, the third-party authentication mechanism generates corresponding authentication statement evidence storing information according to the authentication statement and stores the corresponding authentication statement evidence storing information into a block chain, then the evidence storing information is attached to the authentication statement, and the complete authentication statement including the evidence storing information is returned to the user; the user is an individual user or an enterprise;
step S102: the information requestor requests an authentication statement from a user, the user informs the user of a certain account, decrypts the authentication statement and sends the decrypted authentication statement to the information requestor in a safe manner; and the information requestor queries in the block chain, verifies the validity of the authentication statement and the qualification of the third-party authentication mechanism, and completes the user identity authentication after confirming the correctness.
Further, the step S101 includes:
step S1011: a user registers an account on a blockchain;
step S1012: the user as an applicant submits certification information to a third-party certification authority;
step S1013: the third party certification authority audits the certification information and generates a certification statement according to the material submitted by the user, and the third party certification authority signs the certification statement by using a private key;
step S1014: the third party certification authority returns the signed certification statement to the applicant, and the applicant signs the certification statement by using a private key corresponding to the account of the applicant after confirming that the information in the certification statement is correct and returns the certification statement signed by the private key corresponding to the account to the third party certification authority;
step S1015: the third party certification authority generates corresponding certification statement evidence storing information according to the certification statement signed by the applicant, stores the corresponding certification statement evidence storing information in a block chain, attaches the evidence storing information to the certification statement, and returns the complete certification statement including the evidence storing information to the applicant; meanwhile, the third-party certification authority also stores a complete certification statement comprising the certificate storage information;
step S1016: the applicant maintains a complete certification statement including the credentialing information.
Further, after step S102, a supplementary registration may be performed on the user identity, where the supplementary registration includes:
step S1021: a user issues a supplementary authentication application, and the supplementary authentication application is sent to a block chain intelligent contract, wherein the supplementary authentication application comprises signature information of an authenticated account of the user and signature information corresponding to one or more accounts needing supplementary authentication;
step S1022: the blockchain smart contract verifies whether the authenticated account is valid; if yes, go to step S1023; otherwise, the supplementary registration is finished;
step S1023: the blockchain smart contract authenticates whether the user is an actual holder of an account that needs replenishment; if yes, go to step S1024; if not, the supplementary registration is finished;
step S1024: the blockchain intelligent contract binds a plurality of accounts of the supplementary authentication submitted by the user to the authenticated authentication statement evidence information.
Further, the blockchain smart contract verifying whether the authenticated account is valid, comprising:
s1: inquiring whether the account information submitted by the user exists in the block chain; if so, go to S2; otherwise, the verification fails;
s2: judging whether the account information is authenticated, namely whether the account is bound with authentication statement evidence-storing information, and if the account submitted by the user is a main account, judging whether the main account is bound with the authentication statement evidence-storing information; if the user submits the sub-account, inquiring whether the sub-account has a main account associated with the sub-account, and judging whether the main account is bound with authentication statement evidence storage information; if the account information is authenticated, entering S3; if the account information is not authenticated, the verification fails;
s3: judging whether the bound authentication statement storage information is cancelled or not; if so, the verification fails; if not, the verification is passed.
Further, after step S102, the user identity may be revoked, where the logout user identity includes two logout modes, namely, a user active logout mode and a third-party certification authority logout mode;
the user active logout mode comprises the following steps:
s1: the user directly sends logout information to the block chain by himself or through an agency mechanism;
s2: after the block chain verifies the user identity through the account, canceling the authentication statement and the certificate storage information of the user;
s3: the third-party certification authority monitors the generated certification statement, and if the certification statement which is actively cancelled by the user is found to store certification information, the third-party certification authority executes an internal cancellation process to cancel the certification statement of the user stored in the third-party certification authority;
the third party certification authority logout mode comprises the following steps:
1): the third party certification authority sends logout information to the block chain;
2): after the block chain passes through the account verification mechanism identity of the third-party authentication mechanism, canceling the designated authentication statement and evidence storage information;
3): and after confirming that the logout is successful, the third-party mechanism informs the user and informs the user that the identity of the user is logged out.
According to a second aspect of the present invention, there is provided an apparatus for implementing identity endorsement on a blockchain, comprising:
an identity registration module: the authentication system is used for submitting authentication information to a third-party authentication mechanism by a user as an applicant, verifying by the third-party authentication mechanism and generating an authentication statement according to the authentication information, the third-party authentication mechanism generates corresponding authentication statement evidence storage information according to the authentication statement and stores the corresponding authentication statement evidence storage information into a block chain, then the evidence storage information is attached to the authentication statement, and a complete authentication statement including the evidence storage information is returned to the user; the user is an individual user or an enterprise;
an identity authentication module: the system comprises an information requestor and a user, wherein the information requestor is used for asking for an authentication statement from the information requestor, and the user informs the user of a certain account, decrypts the authentication statement and then sends the decrypted authentication statement to the information requestor in a safe mode; and the information requestor queries in the block chain, verifies the validity of the authentication statement and the qualification of the third-party authentication mechanism, and completes the user identity authentication after confirming the correctness.
Further, the identity registration module comprises:
a registration submodule: for registering an account on the blockchain by the user;
the submit authentication information submodule: for submitting authentication information by the user as an applicant to a third party certification authority;
an auditing submodule: the third-party certification authority is used for auditing the certification information and generating a certification statement according to the material submitted by the user, and the third-party certification authority signs the certification statement by using a private key;
a confirmation submodule: the third-party certification authority is used for returning the signed certification statement to the applicant, the applicant uses a private key corresponding to the account of the applicant to sign the certification statement after confirming that the information in the certification statement is correct, and returns the certification statement signed by the private key corresponding to the account to the third-party certification authority;
a first storage submodule: the third-party certification authority is used for generating corresponding certification statement evidence storage information according to the certification statement signed by the applicant, storing the certification statement evidence storage information on the block chain, attaching the evidence storage information to the certification statement, and returning the complete certification statement including the evidence storage information to the applicant; meanwhile, the third-party certification authority also stores a complete certification statement comprising the certificate storage information;
a second storage submodule: for the applicant to maintain a complete certification statement including the credentialing information.
Further, the apparatus for implementing identity endorsement further comprises a supplementary registration module, configured to perform supplementary registration for the identity of the user, where the supplementary registration module includes:
supplementary authentication application submodule: the system comprises a block chain intelligent contract, a user and a server, wherein the block chain intelligent contract is used for issuing a supplementary authentication application by the user and sending the application to the block chain intelligent contract, and the supplementary authentication application comprises signature information of an authenticated account of the user and signature information corresponding to one or more accounts needing supplementary authentication;
a first judgment sub-module: for verifying by the blockchain smart contract whether the authenticated account is valid;
a second judgment sub-module: the blockchain smart contract authenticates whether the user is an actual holder of an account that needs replenishment;
the information binding submodule comprises: a means for binding accounts submitted by the user for supplemental authentication to authenticated statement of authentication deposit information by the blockchain smart contract.
Further, the first judgment sub-module includes:
a query submodule: the system is used for inquiring whether the account information submitted by the user exists in the blockchain;
a judgment submodule: the account information processing device is used for judging whether the account information is authenticated or not, namely whether the account is bound with the authentication statement evidence storage information or not, and judging whether the main account is bound with the authentication statement evidence storage information or not if the account submitted by the user is the main account; if the user submits the sub-account, inquiring whether the sub-account has a main account associated with the sub-account, and judging whether the main account is bound with authentication statement evidence storage information;
logout judgment submodule: and the authentication statement used for judging whether the bound authentication statement storage information is logged off.
Further, the device for implementing identity endorsement on the block chain further comprises an identity logout submodule for logging out the identity of the user, wherein the logging out the identity of the user comprises two logging out modes of user active logging out and third-party certification authority logging out.
According to a third aspect of the present invention, there is provided a system for implementing identity endorsements on blockchains, comprising:
a processor for executing a plurality of instructions;
a memory to store a plurality of instructions;
wherein the instructions are for being stored by the memory and loaded and executed by the processor to implement the method for identity endorsement on a blockchain as described above.
According to a fourth aspect of the present invention, there is provided a computer readable storage medium having a plurality of instructions stored therein; the plurality of instructions for loading and executing by the processor the method for implementing an identity endorsement on a blockchain as described above.
According to the scheme of the invention, based on the existing address or account system of the block chain, a third-party certification authority with qualification and capability is combined to endorse the user for the user identity. The third-party certification authority issues a certification statement for certifying the identity after finishing the identity verification of the user, and the certification statement is only stored on the block chain in a Hash value form, so that the real identity information of the user can be confirmed, and the real identity information of the user is not leaked. And under the condition of not changing the existing account system, identity information is added to the account, and verification can be carried out in the blockchain.
The foregoing description is only an overview of the technical solutions of the present invention, and in order to make the technical solutions of the present invention more clearly understood and to implement them in accordance with the contents of the description, the following detailed description is given with reference to the preferred embodiments of the present invention and the accompanying drawings.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and, together with the description, serve to explain the principles of the invention. In the drawings:
fig. 1 is a flowchart of a method for implementing an identity endorsement on a blockchain according to the present invention;
FIG. 2 is a flowchart of a method for registering and authenticating a user identity according to the present invention;
fig. 3 is a block diagram of an apparatus for implementing an identity endorsement on a block chain according to the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the technical solutions of the present invention will be clearly and completely described below with reference to the specific embodiments of the present invention and the accompanying drawings. It is to be understood that the described embodiments are merely exemplary of the invention, and not restrictive of the full scope of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
First, a method for implementing an identity endorsement on a blockchain according to the present invention is described with reference to fig. 1, and fig. 1 shows a flowchart of a method for implementing an identity endorsement on a blockchain according to the present invention. As shown in fig. 1, the method comprises the steps of:
step S101: a user is used as an applicant to submit authentication information to a third-party authentication mechanism, the third-party authentication mechanism carries out auditing and generates an authentication statement according to the authentication information, the third-party authentication mechanism generates corresponding authentication statement evidence storing information according to the authentication statement and stores the corresponding authentication statement evidence storing information into a block chain, then the evidence storing information is attached to the authentication statement, and the complete authentication statement including the evidence storing information is returned to the user; the user is an individual user or an enterprise;
step S102: the information requestor requests an authentication statement from a user, the user informs the user of a certain account, decrypts the authentication statement and sends the decrypted authentication statement to the information requestor in a safe manner; and the information requestor queries in the block chain, verifies the validity of the authentication statement and the qualification of the third-party authentication mechanism, and completes the user identity authentication after confirming the correctness.
The existing block chain account system is divided into an address account and a name account, wherein the address account derives an address by a private key, and in the name account, an account name can be set by a user and is irrelevant to the private key. The above two accounts are collectively referred to as an account in the present embodiment.
The step S101: the user is used as an applicant to submit authentication information to a third-party authentication mechanism, the third-party authentication mechanism carries out auditing and generates an authentication statement according to the authentication information, the third-party authentication mechanism generates corresponding authentication statement evidence storage information according to the authentication statement and stores the corresponding authentication statement evidence storage information in a block chain, then the evidence storage information is attached to the authentication statement, and the complete authentication statement including the evidence storage information is returned to the applicant for registering the identity of the user. The user identity is unique and is used for indicating a person or an entity in the real environment.
Specifically, the method for registering a user identity according to the present invention is described with reference to fig. 2, and fig. 2 shows a flow chart of the method for registering a user identity according to the present invention. As shown in fig. 2, the step S101 includes:
step S1011: a user registers an account on a blockchain;
the user may have multiple accounts, one of which is a primary account and the remaining accounts are sub-accounts.
Step S1012: the user as an applicant submits certification information to a third-party certification authority;
in order to facilitate the user to authenticate a plurality of accounts at a time, in the authentication information sent to the third-party authentication mechanism, the user may add one or more pieces of sub-account information and include signature information of each sub-account, and submit the account information and the signature information of the main account of the user, the one or more pieces of sub-account information, and the signature information corresponding to each sub-account as the authentication information to the third-party authentication mechanism.
Step S1013: the third party certification authority audits the certification information and generates a certification statement according to the material submitted by the user, and the third party certification authority signs the certification statement by using a private key;
the private key used by the third party certification authority is the third party certification authority's own private key.
Step S1014: the third party certification authority returns the signed certification statement to the applicant, and the applicant signs the certification statement by using a private key corresponding to the account of the applicant after confirming that the information in the certification statement is correct and returns the certification statement signed by the private key corresponding to the account to the third party certification authority;
and after confirming that the information in the authentication statement is correct, the applicant uses a private key corresponding to the account of the applicant to sign the authentication statement, and the private key is used for representing the approval of the content of the authentication statement.
Step S1015: the third party certification authority generates corresponding certification statement evidence storing information according to the certification statement signed by the applicant, stores the corresponding certification statement evidence storing information in a block chain, attaches the evidence storing information to the certification statement, and returns the complete certification statement including the evidence storing information to the applicant; meanwhile, the third-party certification authority also stores a complete certification statement comprising the certificate storage information;
in this embodiment, the complete certification statement including the certificate-keeping information is composed of the certification statement signed by the third-party certification authority and signed by the account corresponding to the applicant, and the additional certificate-keeping information. The additional evidence information is used as accessory information and does not need to be signed. And distinguishing a main account from a sub account in the authentication statement and evidence storage information. The authentication statement evidence information comprises a main account of the user, a plurality of sub-accounts (if the user does not have the sub-accounts, the sub-accounts do not contain the sub-account information), Hash of the authentication statement information and signature information of a third-party authentication mechanism.
Step S1016: the applicant maintains a complete certification statement including the credentialing information.
In this embodiment, the applicant may own and store the complete certification statement including the certification information, or encrypt the complete certification statement and then delegate the encrypted certification statement to a third party or a storage type blockchain for storage. When the same user sends a plurality of accounts for registration, different accounts of the same user can be bound to the same authentication statement evidence storage information.
The complete authentication declaration information stored by the user includes: the system comprises a main account, a plurality of sub-accounts (if the user does not have the sub-accounts, the sub-account information is not included), submitted authentication information original texts, authentication statement information Hash, signature information of a third-party authentication mechanism and block chain certificate storage information.
Yet another embodiment of the present application is directed to implementing a supplemental registration of the user identity. For example, the user registers another sub-account after the user identity registration, or the user does not register all accounts when the user identity registration is performed. At this point, the user identity may be additionally registered.
Specifically, the supplementary registration of the user identity includes:
step S1021: a user issues a supplementary authentication application, and the application is sent to a block chain intelligent contract, wherein the supplementary authentication application comprises signature information of an authenticated account of the user and signature information corresponding to one or more accounts needing supplementary authentication;
step S1022: the blockchain smart contract verifies whether the authenticated account is valid; if yes, go to step S1023; otherwise, the supplementary registration is finished;
specifically, verifying whether the account that has been authenticated is valid includes:
s1: inquiring whether the account information submitted by the user exists in the block chain; if so, go to S2; otherwise, the verification fails;
the account information submitted by the user can be a main account or a sub-account.
S2: judging whether the account information is authenticated, namely whether the account is bound with authentication statement evidence-storing information, and if the account submitted by the user is a main account, judging whether the main account is bound with the authentication statement evidence-storing information; if the user submits the sub-account, inquiring whether the sub-account has a main account related to the sub-account, and judging whether the main account is bound with authentication statement evidence storage information or not; if the account information is authenticated, entering S3; if the account information is not authenticated, the verification fails;
s3: judging whether the bound authentication statement storage information is cancelled; if so, the verification fails; if not, the verification is passed.
Step S1023: the blockchain smart contract authenticates whether the user is an actual holder of an account that needs replenishment; if yes, go to step S1024; if not, the supplementary registration is finished;
specifically, the blockchain smart contract authenticates whether the user is an actual holder of an account that needs replenishment, including:
if the account type is the address account, the address information of the user is deduced according to the signature information applied by the user sent to the intelligent contract of the block chain, and whether the address information is the same as the address information stored in the authentication statement evidence storage information is judged.
If the account type is a name account, a list of addresses is included in the name account. According to signature information applied by a user to the intelligent contract of the block chain, address information of the user is deduced, and then whether the address information is contained in an address list of a name account is judged. The algorithm for deriving the address information from the signature information, including but not limited to ECDSA and RSA algorithms, depends on the support of the algorithm by the particular blockchain.
Step S1024: the blockchain intelligent contract binds a plurality of accounts which are submitted by the user and are supplemented with authentication to authenticated authentication statement evidence information; the user need not repeatedly submit relevant identity material to the third party certification authority.
The step S102: the information requestor requests an authentication statement from a user, the user informs the user of a certain account, decrypts the authentication statement and sends the decrypted authentication statement to the information requestor in a safe manner; the information requestor queries in a block chain, verifies the validity of the authentication statement and the qualification of the third-party authentication mechanism, and completes the user identity authentication after confirming that no errors exist, wherein the method comprises the following steps:
the information acquisition party sends a request to a user, wherein the request is used for acquiring an authentication statement of the user;
the secure mode may be an HTTPS mode;
the information requestor queries the blockchain according to the authentication declaration file;
verifying the validity of the authentication assertion comprises: the authentication declaration file comprises the name and signature information of an authentication mechanism, the original authentication declaration file calculates a corresponding Hash value by using a Hash algorithm, then the Hash value is compared with the Hash value in the authentication declaration certification information stored in the block chain, and if the Hash values are the same, the authentication declaration is authenticated.
Verifying the qualification of the third party certification authority includes: the judgment is made according to the actual use scene, for example, the certification authority must be a certification authority recognized by the government in China.
Furthermore, the method for realizing the identity endorsement on the block chain further comprises an identity logout flow, and the identity logout flow has two identity logout modes, namely user active logout and third-party certification authority logout.
The method for the user to log off actively comprises the following steps:
s1: the user directly sends logout information to the block chain by himself or through an agency mechanism;
s2: after the block chain verifies the identity of the user through the account, canceling the authentication statement and the certificate storage information of the user;
specifically, the user may designate to log off information under a certain account, or may directly log off the identity. If the identity is directly logged off, the information of all accounts corresponding to the identity is invalid.
S3: and the third-party certification authority monitors the generated certification statement, and if the certification statement which is actively cancelled by the user is found to store certification information, the third-party certification authority executes an internal cancellation process to cancel the certification statement of the user stored in the third-party certification authority.
The method for logging off the third-party certification authority comprises the following steps:
s1: the third party certification authority sends logout information to the block chain;
s2: after the block chain passes through the account verification mechanism identity of the third-party authentication mechanism, canceling the designated authentication statement and evidence storage information;
since the third-party certification authority logs out the user identity, once the user identity is logged out, the information of all accounts corresponding to the identity is invalid.
S3: and after confirming that the logout is successful, the third-party mechanism informs the user and informs the user that the identity of the user is logged out.
Please refer to fig. 3, which is a block diagram illustrating an apparatus for implementing an identity endorsement on a block chain according to the present invention. As shown, the apparatus comprises:
an identity registration module: the authentication system is used for submitting authentication information to a third-party authentication mechanism by a user as an applicant, verifying by the third-party authentication mechanism and generating an authentication statement according to the authentication information, the third-party authentication mechanism generates corresponding authentication statement evidence storage information according to the authentication statement and stores the corresponding authentication statement evidence storage information into a block chain, then the evidence storage information is attached to the authentication statement, and a complete authentication statement including the evidence storage information is returned to the user; the user is an individual user or an enterprise;
an identity authentication module: the system comprises an information acquirer, a user and a server, wherein the information acquirer is used for asking for an authentication statement from the information acquirer, and the user informs the user of a certain account of the user and decrypts the authentication statement of the user and then sends the decrypted authentication statement to the information acquirer in a safe mode; and the information requestor queries in the block chain, verifies the validity of the authentication statement and the qualification of the third-party authentication mechanism, and completes the user identity authentication after confirming the correctness.
Further, the identity registration module comprises:
a registration submodule: for registering an account on the blockchain by the user;
the submit authentication information submodule: for submitting authentication information by the user as an applicant to a third party certification authority;
an auditing submodule: the third-party certification authority is used for auditing the certification information and generating a certification statement according to the material submitted by the user, and the third-party certification authority signs the certification statement by using a private key;
a confirmation submodule: the third-party certification authority is used for returning the signed certification statement to the applicant, the applicant uses a private key corresponding to the account of the applicant to sign the certification statement after confirming that the information in the certification statement is correct, and returns the certification statement signed by the private key corresponding to the account to the third-party certification authority;
a first storage submodule: the authentication system is used for generating corresponding authentication statement evidence storage information according to the authentication statement signed by the applicant by the third-party authentication mechanism, storing the corresponding authentication statement evidence storage information on a block chain, attaching the evidence storage information to the authentication statement, and returning the complete authentication statement comprising the evidence storage information to the applicant; meanwhile, the third-party certification authority also stores a complete certification statement comprising the certificate storage information;
a second storage submodule: for the applicant to maintain a complete certification statement including the credentialing information.
Further, the apparatus for implementing identity endorsement further comprises a supplementary registration module, configured to perform supplementary registration on the identity of the user, where the supplementary registration module includes:
supplementary authentication application submodule: the system comprises a block chain intelligent contract, a user and a server, wherein the block chain intelligent contract is used for issuing a supplementary authentication application by the user and sending the application to the block chain intelligent contract, and the supplementary authentication application comprises signature information of an authenticated account of the user and signature information corresponding to one or more accounts needing supplementary authentication;
a first judgment sub-module: for verifying by the blockchain smart contract whether the authenticated account is valid;
a second judgment sub-module: the blockchain smart contract authenticates whether the user is an actual holder of an account that needs replenishment;
the information binding submodule comprises: a means for binding accounts submitted by the user for supplemental authentication to authenticated statement of authentication deposit information by the blockchain smart contract.
Further, the first judgment sub-module includes:
a query submodule: the system is used for inquiring whether the account information submitted by the user exists in the blockchain;
a judgment submodule: the account information is used for judging whether the account information is authenticated or not, namely whether the account is bound with the authentication statement evidence storage information or not, and if the account submitted by the user is a main account, whether the authentication statement evidence storage information is bound with the main account or not is judged; if the user submits the sub-account, inquiring whether the sub-account has a main account associated with the sub-account, and judging whether the main account is bound with authentication statement evidence storage information;
logout judgment submodule: and the authentication statement used for judging whether the bound authentication statement storage information is logged off.
Further, the device for implementing identity endorsement on the block chain further comprises an identity logout submodule for logging out the identity of the user, wherein the logging out the identity of the user comprises two logging out modes of user active logging out and third-party certification authority logging out.
The embodiment of the invention further provides a system for realizing identity endorsement on a block chain, which comprises the following steps:
a processor for executing a plurality of instructions;
a memory to store a plurality of instructions;
wherein the plurality of instructions are for being stored by the memory and loaded and executed by the processor to perform the method of implementing an identity endorsement on a blockchain as described above.
The embodiment of the invention further provides a computer readable storage medium, wherein a plurality of instructions are stored in the storage medium; the plurality of instructions for loading and executing by a processor a method of implementing an identity endorsement on a blockchain as described above.
It should be noted that the embodiments and features of the embodiments may be combined with each other without conflict.
In the embodiments provided in the present invention, it should be understood that the disclosed system, apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and there may be other divisions in actual implementation, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional unit.
The integrated unit implemented in the form of a software functional unit may be stored in a computer-readable storage medium. The software functional unit is stored in a storage medium and includes several instructions to enable a computer device (which may be a personal computer, a physical machine Server, or a network cloud Server, etc., and needs to install a Windows or Windows Server operating system) to perform some steps of the method according to various embodiments of the present invention. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
While the invention has been described with reference to the preferred embodiments, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims.
Claims (12)
1. A method of implementing an identity endorsement on a blockchain, the method comprising:
step S101: a user is used as an applicant to submit authentication information to a third-party authentication mechanism, the third-party authentication mechanism carries out auditing and generates an authentication statement according to the authentication information, the third-party authentication mechanism generates corresponding authentication statement evidence storing information according to the authentication statement and stores the corresponding authentication statement evidence storing information into a block chain, then the evidence storing information is attached to the authentication statement, and the complete authentication statement including the evidence storing information is returned to the user; the user is a personal user or an enterprise;
wherein the authentication assertion is stored on the blockchain in the form of a Hash value;
the authentication statement evidence storing information distinguishes a main account and a sub account, and comprises one main account, one sub account, Hash of the authentication statement information and signature information of a third-party authentication mechanism of a user;
step S102: the information requestor requests an authentication statement from a user, the user informs the user of a certain account, decrypts the authentication statement and sends the decrypted authentication statement to the information requestor in a safe manner; and the information requestor queries in the block chain, verifies the validity of the authentication statement and the qualification of the third-party authentication mechanism, and completes the user identity authentication after confirming the correctness.
2. The method for implementing identity endorsement on blockchain as in claim 1, wherein the step S101 comprises:
step S1011: a user registers an account on a blockchain;
step S1012: the user as an applicant submits certification information to a third-party certification authority;
step S1013: the third party certification authority audits the certification information and generates a certification statement according to the material submitted by the user, and the third party certification authority signs the certification statement by using a private key;
step S1014: the third party certification authority returns the signed certification statement to the applicant, and the applicant signs the certification statement by using a private key corresponding to the account of the applicant after confirming that the information in the certification statement is correct and returns the certification statement signed by the private key corresponding to the account to the third party certification authority;
step S1015: the third party certification authority generates corresponding certification statement evidence storing information according to the certification statement signed by the applicant, stores the corresponding certification statement evidence storing information in a block chain, attaches the evidence storing information to the certification statement, and returns the complete certification statement including the evidence storing information to the applicant; meanwhile, the third-party certification authority also stores a complete certification statement comprising the certificate storage information;
step S1016: the applicant maintains a complete certification statement including the credentialing information.
3. The method for implementing identity endorsement on blockchain as claimed in claim 1, wherein the user identity can be registered in a supplementary manner after step S102, wherein the supplementary registration of the user identity comprises:
step S1021: a user issues a supplementary authentication application, and the application is sent to a block chain intelligent contract, wherein the supplementary authentication application comprises signature information of an authenticated account of the user and signature information corresponding to one or more accounts needing supplementary authentication;
step S1022: the blockchain smart contract verifies whether the authenticated account is valid; if yes, go to step S1023; otherwise, the supplementary registration is finished;
step S1023: the blockchain smart contract authenticates whether the user is an actual holder of an account that needs replenishment; if yes, go to step S1024; if not, the supplementary registration is finished;
step S1024: the blockchain smart contract binds a plurality of accounts of the supplementary certificate submitted by the user to the certified certificate deposit information.
4. The method of implementing identity endorsement on a blockchain as in claim 3, wherein the blockchain smart contract verifying whether the authenticated account is valid comprises:
s1: inquiring whether the account information submitted by the user exists in the block chain; if so, go to S2; otherwise, the verification fails;
s2: judging whether the account information is authenticated, namely whether the account is bound with authentication statement evidence-storing information, and if the account submitted by the user is a main account, judging whether the main account is bound with the authentication statement evidence-storing information; if the user submits the sub-account, inquiring whether the sub-account has a main account associated with the sub-account, and judging whether the main account is bound with authentication statement evidence storage information; if the account information is authenticated, entering S3; if the account information is not authenticated, the verification fails;
s3: judging whether the bound authentication statement storage information is cancelled or not; if so, the verification fails; if not, the verification is passed.
5. The method of claim 1, wherein the user identity can be revoked after step S102, wherein the logout user identity includes two logout modes, namely a user active logout mode and a third-party certification authority logout mode;
the user active logout mode comprises the following steps:
s1: the user directly sends logout information to the block chain by himself or through an agency mechanism;
s2: after the block chain verifies the user identity through the account, canceling the authentication statement and the certificate storage information of the user;
s3: the third-party certification authority monitors the generated certification statement, and if the certification statement which is actively cancelled by the user is found to store certification information, the third-party certification authority executes an internal cancellation process to cancel the certification statement of the user stored in the third-party certification authority;
the third party certification authority logout mode comprises the following steps:
1): the third party certification authority sends logout information to the block chain;
2): after the block chain passes through the account verification mechanism identity of the third-party authentication mechanism, canceling the designated authentication statement and evidence storage information;
3): and after confirming that the logout is successful, the third-party mechanism informs the user and informs the user that the identity of the user is logged out.
6. An apparatus for implementing an identity endorsement on a blockchain, the apparatus comprising:
an identity registration module: the authentication system is used for submitting authentication information to a third-party authentication mechanism by a user as an applicant, verifying by the third-party authentication mechanism and generating an authentication statement according to the authentication information, the third-party authentication mechanism generates corresponding authentication statement evidence storage information according to the authentication statement and stores the corresponding authentication statement evidence storage information into a block chain, then the evidence storage information is attached to the authentication statement, and a complete authentication statement including the evidence storage information is returned to the user; the user is an individual user or an enterprise;
wherein the authentication assertion is stored on the blockchain in the form of a Hash value;
the authentication statement evidence storing information distinguishes a main account and a sub account, and comprises one main account, one sub account, Hash of the authentication statement information and signature information of a third-party authentication mechanism of a user;
an identity authentication module: the system comprises an information acquirer, a user and a server, wherein the information acquirer is used for asking for an authentication statement from the information acquirer, and the user informs the user of a certain account of the user and decrypts the authentication statement of the user and then sends the decrypted authentication statement to the information acquirer in a safe mode; and the information requestor queries in the block chain, verifies the validity of the authentication statement and the qualification of the third-party authentication mechanism, and completes the user identity authentication after confirming the correctness.
7. The apparatus for implementing identity endorsement on blockchain as in claim 6, wherein the identity registration module comprises:
a registration submodule: for registering an account on the blockchain by the user;
the submit authentication information submodule: for submitting authentication information by the user as an applicant to a third party certification authority;
an auditing submodule: the third-party certification authority is used for auditing the certification information and generating a certification statement according to the material submitted by the user, and the third-party certification authority signs the certification statement by using a private key;
a confirmation submodule: the third-party certification authority is used for returning the signed certification statement to the applicant, the applicant uses a private key corresponding to the account of the applicant to sign the certification statement after confirming that the information in the certification statement is correct, and returns the certification statement signed by the private key corresponding to the account to the third-party certification authority;
a first storage submodule: the third-party certification authority is used for generating corresponding certification statement evidence storage information according to the certification statement signed by the applicant, storing the certification statement evidence storage information on the block chain, attaching the evidence storage information to the certification statement, and returning the complete certification statement including the evidence storage information to the applicant; meanwhile, the third-party certification authority also stores a complete certification statement comprising the certificate storage information;
a second storage submodule: for the applicant to maintain a complete certification statement including the credentialing information.
8. The apparatus for implementing identity endorsement on blockchain as in claim 6, further comprising a supplementary registration module for supplementary registration of a user identity, wherein the supplementary registration module comprises:
supplementary authentication application submodule: the system comprises a block chain intelligent contract, a user and a supplementary authentication server, wherein the block chain intelligent contract is used for issuing a supplementary authentication application by the user and sending the application to the block chain intelligent contract, and the supplementary authentication application comprises signature information of an authenticated account of the user and signature information corresponding to one or more accounts needing supplementary authentication;
a first judgment sub-module: for verifying, by the blockchain smart contract, whether the authenticated account is valid;
a second judgment sub-module: the blockchain smart contract authenticates whether the user is an actual holder of an account that needs replenishment;
the information binding submodule comprises: a plurality of accounts for supplemental authentications submitted by the user by the blockchain smart contract to which authentication assertion credit information has been authenticated.
9. The apparatus for implementing identity endorsement on blockchain as claimed in claim 8, wherein the first determining submodule comprises:
a query submodule: the system is used for inquiring whether the account information submitted by the user exists in the blockchain;
a judgment submodule: the account information processing device is used for judging whether the account information is authenticated or not, namely whether the account is bound with the authentication statement evidence storage information or not, and judging whether the main account is bound with the authentication statement evidence storage information or not if the account submitted by the user is the main account; if the user submits the sub-account, inquiring whether the sub-account has a main account associated with the sub-account, and judging whether the main account is bound with authentication statement evidence storage information;
logout judgment submodule: and the authentication statement used for judging whether the bound authentication statement storage information is logged off.
10. The apparatus for implementing identity endorsement on a blockchain of claim 6, wherein the apparatus for implementing identity endorsement on a blockchain further comprises an identity deregistration sub-module configured to deregister a user identity, wherein deregistering the user identity comprises both a user active deregistration and a third party certification authority deregistration.
11. A system for implementing an identity endorsement on a blockchain, comprising:
a processor for executing a plurality of instructions;
a memory to store a plurality of instructions;
wherein the instructions are for storage by the memory and for loading and executing by the processor the method of implementing an identity endorsement on a blockchain as claimed in any one of claims 1 to 5.
12. A computer-readable storage medium having stored therein a plurality of instructions; the plurality of instructions for being loaded by a processor and for performing the method of implementing an identity endorsement on a blockchain of claims 1 to 5.
Priority Applications (5)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910973623.XA CN110851857B (en) | 2019-10-14 | 2019-10-14 | Method and device for realizing identity endorsement on block chain |
| EP20875842.5A EP4046047A4 (en) | 2019-10-14 | 2020-10-13 | Method and device for implementing identity endorsement on blockchain |
| PCT/CN2020/120634 WO2021073502A1 (en) | 2019-10-14 | 2020-10-13 | Method and device for implementing identity endorsement on blockchain |
| US17/768,357 US20240143843A1 (en) | 2019-10-14 | 2020-10-13 | Method and Device for Implementing Identity Endorsement On Blockchain |
| JP2022519268A JP2022552111A (en) | 2019-10-14 | 2020-10-13 | Method and device for implementing identity verification on blockchain |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910973623.XA CN110851857B (en) | 2019-10-14 | 2019-10-14 | Method and device for realizing identity endorsement on block chain |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110851857A CN110851857A (en) | 2020-02-28 |
| CN110851857B true CN110851857B (en) | 2022-07-01 |
Family
ID=69596542
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910973623.XA Active CN110851857B (en) | 2019-10-14 | 2019-10-14 | Method and device for realizing identity endorsement on block chain |
Country Status (5)
| Country | Link |
|---|---|
| US (1) | US20240143843A1 (en) |
| EP (1) | EP4046047A4 (en) |
| JP (1) | JP2022552111A (en) |
| CN (1) | CN110851857B (en) |
| WO (1) | WO2021073502A1 (en) |
Families Citing this family (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110851857B (en) * | 2019-10-14 | 2022-07-01 | 上海唯链信息科技有限公司 | Method and device for realizing identity endorsement on block chain |
| CN112162984B (en) * | 2020-09-28 | 2024-07-19 | 彩讯科技股份有限公司 | Real-name authentication method, system, equipment and storage medium based on blockchain |
| CN112100607A (en) * | 2020-11-09 | 2020-12-18 | 南京可信区块链与算法经济研究院有限公司 | Verification system and method for block chain hardware equipment |
| CN112800484B (en) * | 2021-01-19 | 2023-06-16 | 瀚高基础软件股份有限公司 | Recording method, recording device and readable storage medium |
| CN113438293A (en) * | 2021-06-22 | 2021-09-24 | 深圳壹账通智能科技有限公司 | Service system, method, device and storage medium based on block chain |
| CN113794794B (en) * | 2021-10-08 | 2023-01-06 | 北京俩撇科技有限公司 | Method, device, equipment and storage medium for adding contact persons based on block chain |
| CN114338081B (en) * | 2021-11-29 | 2024-01-23 | 上海浦东发展银行股份有限公司 | Multi-block-chain unified identity authentication method, device and computer equipment |
| CN114297297A (en) * | 2021-12-28 | 2022-04-08 | 江苏满鼎科技有限公司 | De-neutralization supply chain combined operation method and system based on block chain |
| CN114584324B (en) * | 2022-04-28 | 2022-08-26 | 天聚地合(苏州)科技股份有限公司 | Identity authorization method and system based on block chain |
| CN115964680B (en) * | 2022-12-13 | 2023-09-29 | 暨南大学 | Copyright protection method based on double authentication blocking signature and blockchain |
| CN117768104A (en) * | 2023-12-22 | 2024-03-26 | 中国人寿保险股份有限公司山东省分公司 | Secure transaction transmission method, device, equipment and storage medium |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107079037A (en) * | 2016-09-18 | 2017-08-18 | 深圳前海达闼云端智能科技有限公司 | Identity identifying method, device, node and system based on block chain |
| CN107086909A (en) * | 2017-03-07 | 2017-08-22 | 阿里巴巴集团控股有限公司 | Generation method and device, the method and apparatus of identity examination & verification of identity information |
| CN108235806A (en) * | 2017-12-28 | 2018-06-29 | 深圳达闼科技控股有限公司 | Method, device and system for safely accessing block chain, storage medium and electronic equipment |
| CN108615148A (en) * | 2018-03-26 | 2018-10-02 | 北交金科金融信息服务有限公司 | A kind of preposition method of commerce of secured assets and system based on block chain technology |
| CN109598615A (en) * | 2018-11-30 | 2019-04-09 | 深圳市链联科技有限公司 | A method of the transaction of block chain is participated in entity identities |
| CN109670825A (en) * | 2018-12-20 | 2019-04-23 | 姚前 | One kind being based on the associated digital asset real name register system of certificate |
| CN110224837A (en) * | 2019-06-06 | 2019-09-10 | 西安纸贵互联网科技有限公司 | Zero-knowledge proof method and terminal based on distributed identity |
Family Cites Families (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6850252B1 (en) * | 1999-10-05 | 2005-02-01 | Steven M. Hoffberg | Intelligent electronic appliance system and method |
| US11282139B1 (en) * | 2013-06-28 | 2022-03-22 | Gemini Ip, Llc | Systems, methods, and program products for verifying digital assets held in a custodial digital asset wallet |
| US20160283920A1 (en) * | 2015-03-28 | 2016-09-29 | Justin Fisher | Authentication and verification of digital data utilizing blockchain technology |
| EP3317775B1 (en) * | 2015-07-02 | 2022-02-16 | Nasdaq, Inc. | Systems and methods of secure provenance for distributed transaction databases |
| US10715311B2 (en) * | 2017-07-28 | 2020-07-14 | Workday, Inc. | System and method for blockchain-based user authentication based on a cryptographic challenge |
| US20180216946A1 (en) * | 2016-09-30 | 2018-08-02 | Mamadou Mande Gueye | Method and system for facilitating provisioning of social activity data to a mobile device based on user preferences |
| US10102526B1 (en) * | 2017-03-31 | 2018-10-16 | Vijay K. Madisetti | Method and system for blockchain-based combined identity, ownership, integrity and custody management |
| CN107196966B (en) * | 2017-07-05 | 2020-04-14 | 北京信任度科技有限公司 | Identity authentication method and system based on block chain multi-party trust |
| CN107547514A (en) * | 2017-07-17 | 2018-01-05 | 招商银行股份有限公司 | Identity identifying method, system and computer-readable recording medium |
| CN108418680B (en) * | 2017-09-05 | 2021-12-07 | 矩阵元技术(深圳)有限公司 | Block chain key recovery method and medium based on secure multi-party computing technology |
| WO2020014282A1 (en) * | 2018-07-09 | 2020-01-16 | Sandor Richard L | Systems and methods for blockchain based identity verification and transaction processing |
| CN109067543B (en) * | 2018-07-24 | 2020-04-14 | 腾讯科技(深圳)有限公司 | Digital certificate management method, device, computer equipment and storage medium |
| US20220060335A1 (en) * | 2018-09-12 | 2022-02-24 | Signe,S.A. | Method for creating a blockchain digital identity, based on an electronic signature |
| CN109472166B (en) * | 2018-11-01 | 2021-05-07 | 恒生电子股份有限公司 | Electronic signature method, device, equipment and medium |
| CN113190822B (en) * | 2019-01-16 | 2023-06-09 | 腾讯科技(深圳)有限公司 | Identity authentication method, personal security kernel node and electronic equipment |
| JP2022532244A (en) * | 2019-05-16 | 2022-07-13 | ジーエムオー グローバルサイン、インコーポレイテッド | Systems and methods for blockchain transactions by application and approval |
| CN110851857B (en) * | 2019-10-14 | 2022-07-01 | 上海唯链信息科技有限公司 | Method and device for realizing identity endorsement on block chain |
-
2019
- 2019-10-14 CN CN201910973623.XA patent/CN110851857B/en active Active
-
2020
- 2020-10-13 WO PCT/CN2020/120634 patent/WO2021073502A1/en active Application Filing
- 2020-10-13 JP JP2022519268A patent/JP2022552111A/en active Pending
- 2020-10-13 US US17/768,357 patent/US20240143843A1/en active Pending
- 2020-10-13 EP EP20875842.5A patent/EP4046047A4/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107079037A (en) * | 2016-09-18 | 2017-08-18 | 深圳前海达闼云端智能科技有限公司 | Identity identifying method, device, node and system based on block chain |
| CN107086909A (en) * | 2017-03-07 | 2017-08-22 | 阿里巴巴集团控股有限公司 | Generation method and device, the method and apparatus of identity examination & verification of identity information |
| CN108235806A (en) * | 2017-12-28 | 2018-06-29 | 深圳达闼科技控股有限公司 | Method, device and system for safely accessing block chain, storage medium and electronic equipment |
| CN108615148A (en) * | 2018-03-26 | 2018-10-02 | 北交金科金融信息服务有限公司 | A kind of preposition method of commerce of secured assets and system based on block chain technology |
| CN109598615A (en) * | 2018-11-30 | 2019-04-09 | 深圳市链联科技有限公司 | A method of the transaction of block chain is participated in entity identities |
| CN109670825A (en) * | 2018-12-20 | 2019-04-23 | 姚前 | One kind being based on the associated digital asset real name register system of certificate |
| CN110224837A (en) * | 2019-06-06 | 2019-09-10 | 西安纸贵互联网科技有限公司 | Zero-knowledge proof method and terminal based on distributed identity |
Non-Patent Citations (1)
| Title |
|---|
| 关于认证机构及认证管理系统的研究;张玉丽;《中国优秀硕士学位论文全文数据库 信息科技辑》;20030615(第2期);第I139-46页 * |
Also Published As
| Publication number | Publication date |
|---|---|
| EP4046047A4 (en) | 2023-11-15 |
| WO2021073502A1 (en) | 2021-04-22 |
| CN110851857A (en) | 2020-02-28 |
| JP2022552111A (en) | 2022-12-15 |
| US20240143843A1 (en) | 2024-05-02 |
| EP4046047A1 (en) | 2022-08-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110851857B (en) | Method and device for realizing identity endorsement on block chain | |
| US10728042B2 (en) | System and method for blockchain-based cross-entity authentication | |
| CN111213350B (en) | System and method for creating decentralized identity | |
| EP3460693A1 (en) | Methods and apparatus for implementing identity and asset sharing management | |
| WO2021000420A1 (en) | System and method for blockchain-based cross-entity authentication | |
| US6934838B1 (en) | Method and apparatus for a service provider to provide secure services to a user | |
| KR102280061B1 (en) | Corporation related certificate issue system and method using did based on blockchain | |
| WO2019204794A1 (en) | System for verification of pseudonymous credentials for digital identities with managed access to personal data on trust networks | |
| CN111213147A (en) | System and method for block chain based cross entity authentication | |
| US20100088236A1 (en) | Secure software service systems and methods | |
| US9203621B2 (en) | Policy-based data management | |
| US20220321357A1 (en) | User credential control system and user credential control method | |
| US9628516B2 (en) | Policy-based data management | |
| US8806195B2 (en) | User interface generation in view of constraints of a certificate profile | |
| JP2016521932A (en) | Terminal identification method, and method, system, and apparatus for registering machine identification code | |
| CN111160909B (en) | Hidden static supervision system and method for blockchain supply chain transaction | |
| CN111641615A (en) | Distributed identity authentication method and system based on certificate | |
| CN112905979B (en) | Electronic signature authorization method and device, storage medium and electronic device | |
| KR102157695B1 (en) | Method for Establishing Anonymous Digital Identity | |
| US20210056227A1 (en) | Privacy friendly decentralized ledger based identity management system and methods | |
| CN110602023A (en) | Personal information safety control method, device and computer readable storage medium | |
| CN115423457A (en) | Cross-border financial payment settlement method and system based on block chain | |
| US20240146537A1 (en) | Computer-readable recording medium storing data management program, data management method, and data management apparatus | |
| Hölzl et al. | Real-world identification: towards a privacy-aware mobile eID for physical and offline verification | |
| WO2022243708A1 (en) | Custody service for authorising transactions |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |